root@mybox:/tmp/fakebin
# ls -ld .
drwxr-xr-x 2 root root 1024 Jan 28 09:44 .
root@mybox:/tmp/fakebin
# ls -l
total 1
-rwxr-x--- 1 sexec root 90 Jan 28 09:44 cmd.pl
root@mybox:/tmp/fakebin
# cat cmd.pl
#!/usr/bin/perl -w

use strict;
use warnings;

print "Secret command output.\n";

exit 0;

##</code><code>##

bob ALL = (sexec) NOPASSWD: /tmp/fakebin/cmd.pl

##</code><code>##


bob@mybox:~
$ sudo -u sexec /tmp/fakebin/cmd.pl
Secret command output.
bob@mybox:~
$ cat /tmp/fakebin/cmd.pl
cat: /tmp/fakebin/cmd.pl: Permission denied
bob@mybox:~
$ sudo -u sexec /bin/cat /tmp/fakebin/cmd.pl
Password:
Sorry, user bob is not allowed to execute '/bin/cat /tmp/fakebin/cmd.pl' as sexec on mybox.localdomain.tld.